<?php
session_start();
require_once('../ns_html.class.php');

//If this is recieved from the logon form
if (isset($_POST['loginSubmit']))
{	
    $cleanUsername = mysql_escape_string($_POST['username']); //Clean the username
    $hashedPassword = md5($_POST['password']); //Hash the plaintext password
    
    $isValidUser = $html->nsDatabase->authenticateWebUser($cleanUsername, $hashedPassword);
    if ($isValidUser)
    {
        $tempUser = $html->nsDatabase->UserByUsername($cleanUsername);
        $_SESSION['username'] = $tempUser->Username();
    } else {
        unset($_SESSION['username']);
    }
    
}

header("Location: index.php");
?>